Skip to content

oauth2: add device flow support #545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

oauth2: add device flow support #545

wants to merge 2 commits into from

Conversation

@marcusirgens
Copy link

@marcusirgens marcusirgens commented Feb 16, 2022
edited
Loading

Resolves merge conflicts in #356.

Also fixes some issues:

  • Stops polling when the server responds with an unexpected error
  • Uses correct types for the expires_in and interval properties in the Device Authorization Response

Resolves #418.

centimitr and others added 2 commits February 16, 2022 22:53
@centimitr @marcusirgens
oauth2: add device flow support
aed15fd
@marcusirgens
oauth2: Comply with RFC8628
4df03c7 
Fixes various small errors, possibly due to changes betweend the
device flow draft and the final RFC.

Also includes a fix to avoid being stuck in an endless poll when
the token endpoint does not return a well-formed, expected error.

The following is the example response payload in RFC8628:

      HTTP/1.1 200 OK
      Content-Type: application/json
      Cache-Control: no-store

      {
        "device_code": "GmRhmhcxhwAzkoEqiMEg_DnyEysNkuNhszIySk9eS",
        "user_code": "WDJB-MJHT",
        "verification_uri": "https://example.com/device",
        "verification_uri_complete":
            "https://example.com/device?user_code=WDJB-MJHT",
        "expires_in": 1800,
        "interval": 5
      }

Using `json:"expires_in,string"` causes issues when an unquoted int
is encountered.
@anderspitman
Copy link

anderspitman commented Feb 18, 2022

Brilliant timing. I just checked Golang for support of the device flow today.

@marcusirgens
Copy link
Author

marcusirgens commented Feb 19, 2022

Brilliant timing. I just checked Golang for support of the device flow today.

I encountered some bugs while testing this code, @anderspitman. Please let me know if you encounter any unexpected behaviour. I'll try to write some tests this weekend.

@anderspitman
Copy link

anderspitman commented Feb 21, 2022

@marcusirgens unfortunately I'm implementing a custom OAuth2 server, so I might wait until this is stable before using it, and might not be much help in testing. But if I do end up giving it a try I'll let you know.

@hickford hickford closed this Sep 7, 2023
@hickford
Copy link
Contributor

hickford commented Sep 7, 2023

Implemented in e3fb0fb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support OAuth2 Device Flow

4 participants

@marcusirgens @anderspitman @hickford @centimitr